<?php
defined( '_VALID_MOS' ) or die('<script>window.location.href="http://www.kinifurniture.com";</script>');
$adm_functions->is_admin_login();
$adm_menu='
<table width="100%" class="menubar" cellpadding="0" cellspacing="0" border="0">
	<tr>
		<td class="menudottedline" width="40%">
			<div class="pathway"><img src="assets/admin/'.$SITE_LOGO_ADMIN.'"/></div>	</td>
		<td class="menudottedline" align="right">
			<table cellpadding="0" cellspacing="0" border="0" id="toolbar">
				<tr valign="middle" align="center">
					<td>&nbsp;</td>
					<td>
					<a class="toolbar" href="javascript:kliksubmit();">
						<img src="show_files/save.png"  alt="Save" name="save" title="Save" align="middle" border="0" />				<br />Save</a>
					</td>
					<td>&nbsp;</td>
					<td>
						<a class="toolbar" href="admin.php?show=news_manager">
						<img src="show_files/cancel.png"  alt="Cancel" name="cancel" title="Cancel" align="middle" border="0" />				<br />Cancel</a>
					</td>
				</tr>
			</table>
		</td>
	</tr>
</table>
<br />
';
if ($msg=='1')	$error_message='Success Edit News Detail';

if ($id)
{
	$qryedit="select * from news where id=$id and news_type='N'";
	$selectedit=$dbh->query($qryedit);

	while($sqlRowedit=mysql_fetch_object($selectedit))
	{
		$val_filename=$sqlRowedit->filename;
		if ($val_filename=='' )
			$filename='<input type="file" name="inp_upl_file"/>';
		else
			$filename='<input class="inputbox" type="checkbox" name="inp_del_file" value="Y" /> Delete this file <font color="green">('.$val_filename.')</font>';
		$val_title=$sqlRowedit->title; 
		$val_content=$sqlRowedit->contents;
		$val_url=$sqlRowedit->url;
		if ($sqlRowedit->status=='Y') 
		{
			$val_select1='selected';
			$val_select2='';
		}
			else 
		{
				$val_select1='';
				$val_select2='selected';
		}
		if ($sqlRowedit->target=='B') 
		{
			$val_select3='selected'; 
			$val_select4=''; 
		}
			else 
		{
			$val_select3=''; 
			$val_select4='selected'; 
		}
		$val_newsid=$id;
		$section='Edit News';
	}
}
//if($inp_newsid)
//{
//	$dbh->query("update news set 
//	title='$inp_title', 
//	contents='$inp_content',
//	url='$inp_url',
//	status='$inp_active',
//	target='$inp_target'
//		where id=$inp_newsid");
//	echo '<script>window.location.href="admin.php?show=edit_news&id='.$inp_newsid.'&msg=1";</script>';
//}
if($inp_newsid)
{
	if ($inp_del_file=='Y')
	{
		$dbh->query("update news set 
			title='$inp_title',
			contents='$inp_content',
			url='$inp_url',
			status='$inp_active',
			target='$inp_target',
			filename=''
			where id=$inp_newsid");
		@unlink("files/".$inp_file);
		echo '<script>window.location.href="admin.php?show=news_manager";</script>';

	} else
	{
		if($_FILES['inp_upl_file']['name'])
		{
			$fileexists='N';
			$file_name=basename($_FILES['inp_upl_file']['name']);
			$ekstensi=substr($_FILES['inp_upl_file']['name'],-3);
			if ($ekstensi=='pdf')
//			echo "<script>alert('".$ekstensi."');</script>";
			{
				$qryname="select * from news where filename='$file_name'";
				$selectname=$dbh->query($qryname);
				while($sqlRowedit=mysql_fetch_object($selectname))
				{
					$fileexists='Y';
				}
				if ($fileexists=='Y') 
				{
					echo '<script>alert("The Filename is already exists, try another filename");</script>';
				}
				else
				{
					$uploaddir = 'files/';
					$uploadfile = $uploaddir . basename($_FILES['inp_upl_file']['name']);
					move_uploaded_file($_FILES['inp_upl_file']['tmp_name'], $uploadfile);
					$img_name=basename($_FILES['inp_upl_file']['name']);
					$qry_image='filename=\''.$file_name.'\',';
				}
			} else echo '<script>alert("The File Extension must be PDF");</script>';
		} else 	$qry_image='';

		if ($fileexists!='Y')
		{
			$dbh->query("update news set 
			title='$inp_title', 
			$qry_image
			contents='$inp_content',
			url='$inp_url',
			status='$inp_active',
			target='$inp_target'
				where id=$inp_newsid");
			echo '<script>window.location.href="admin.php?show=edit_news&id='.$inp_newsid.'&msg=1";</script>';
		}
	}
}

?>